Click here to download all references as Bib-File.•
2021-09-08
⋅
FireEye
⋅
Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S. |
2021-09-03
⋅
FireEye
⋅
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers CHINACHOPPER HTran |
2021-09-01
⋅
FireEye
⋅
Too Log; Didn't Read — Unknown Actor Using CLFS Log Files for Stealth PRIVATELOG STASHLOG |
2021-08-18
⋅
FireEye
⋅
Detecting Embedded Content in OOXML Documents |
2021-08-10
⋅
FireEye
⋅
UNC215: Spotlight on a Chinese Espionage Campaign in Israel HyperBro HyperSSL MimiKatz |
2021-08-04
⋅
FireEye
⋅
Cloudy with a Chance of APTNovel Microsoft 365 Attacks in the Wild |
2021-06-16
⋅
FireEye
⋅
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Cobalt Strike SMOKEDHAM |
2021-05-27
⋅
FireEye
⋅
Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices UNC2630 UNC2717 |
2021-05-25
⋅
FireEye
⋅
Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises |
2021-05-11
⋅
FireEye
⋅
Shining a Light on DARKSIDE Ransomware Operations Cobalt Strike DarkSide |
2021-05-04
⋅
FireEye
⋅
The UNC2529 Triple Double: A Trifecta Phishing Campaign DOUBLEBACK |
2021-04-29
⋅
FireEye
⋅
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat Cobalt Strike FiveHands HelloKitty |
2021-04-28
⋅
FireEye
⋅
Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts Ghostwriter Influence Activity |
2021-04-27
⋅
FireEye
⋅
Abusing Replication: Stealing AD FS Secrets Over the Network |
2021-04-20
⋅
FireEye
⋅
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise |
2021-04-20
⋅
FireEye
⋅
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day |
2021-04-20
⋅
Github (fireeye)
⋅
FireEye Mandiant PulseSecure Exploitation Countermeasures |
2021-03-31
⋅
FireEye
⋅
Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer Service |
2021-03-04
⋅
FireEye
⋅
Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities CHINACHOPPER HAFNIUM |
2021-03-04
⋅
FireEye
⋅
New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 UNC2452 |